<?
	if (!defined('i-Teck_ADMIN')) die("Hacking attempt");

	switch($mod){
		case "add":
			

?>
     

<center><font color=red><? echo isset($_SESSION["ten"]);?></font></center>
<form name="form1" method="post" action="">
<article class="module width_full">
			<header><h3>Thêm User</h3></header>
				<div class="module_content">	
				<fieldset>
							<label>Tên đăng nhập</label>
							<input name="t1" type="text" id="t1" size="50">
				</fieldset>
				<fieldset>
							<label>Mật khẩu</label>
							<input name="t2" type="text" id="t2" size="50">
				</fieldset>
				
				<input type="submit" name="cmd" id="cmd" value="Thêm" class="alt_btn">
				</div>
		</article><!-- end of styles article -->
</form>
<p>
  <?



if(isset($_REQUEST["cmd"])=="Thêm"){
	
	$a = addslashes($_POST["t1"]);
	$b = $_POST["t2"];
	$user = "select * from shop_user where user='{$a}'" ;
	$result = mysql_query($user) or die (mysql_error());
	if (mysql_num_rows($result)>=1){
		$_SESSION["ten"]="Tên đăng nhập này đã có rồi";
		echo "<meta http-equiv='refresh' content='0;url=?act=user&mod=add'>";}
		
		
		else{
	
	$sql="insert into shop_user(user,pass) values ('$a','".md5(sha1($b))."')";
	mysql_query($sql);
	
	echo"<meta http-equiv='refresh' content='0;url=?act=user&mod=view'>";
}}


			break;
	
	
	
		case "delete": 	

	$a=intval($_REQUEST["id"]);
	$sql = "delete from shop_user where id=$a";
	mysql_query($sql) or die (mysql_error());
	mysql_close();
	echo"<meta http-equiv='refresh' content='0;url=?act=user&mod=view'>";

 
		 break;
	
	case"edit": 
	$id=intval($_REQUEST["id"]);
	$sql=mysql_query("select * from shop_user where id=$id");
	if(mysql_num_rows($sql)<=0){echo"Chưa có user nào!";}
	else{
		while($r=mysql_fetch_array($sql)){
			
?>
    
<form name="form1" method="post" action="">
<article class="module width_full">
			<header><h3>Sửa User</h3></header>
				<div class="module_content">	
				<fieldset>
							<label>Tên đăng nhập</label>
							<input name="user" type="text" id="user" value="<? echo $r["user"];}}?>" size="50"> 
				</fieldset>
				<fieldset>
							<label>Mật khẩu</label>
							<input name="pass" type="text" id="pass" size="50">
				</fieldset>
				
				<input type="submit" name="cmd" id="cmd" value="Sửa" class="alt_btn">
				</div>
		</article><!-- end of styles article -->
</form>

<?
	$a=intval(isset($_REQUEST["id"]));
	$user_post= addslashes(isset($_POST["user"]));
	
	if(isset($_REQUEST["cmd"])=="Sửa"){
		
		if(!$_POST["pass"]){
			mysql_query("update shop_user set user='$user_post' where id=$a");
			echo"<meta http-equiv='refresh' content='0;url=?act=user&mod=view'>";}
		else{
		$user_trung=mysql_query("select user from shop_user where id!=$a");
		while($r_t=mysql_fetch_array($user_trung)){$u_t=$r_t["user"];}
		if($u_t==$user_post){echo"<center><font color=red>Trùng với user đã có,vui lòng chọn tên khác!</font></center>";}
		
		else{
	 	mysql_query("update shop_user set user='$user_post', pass='".md5(sha1($_POST["pass"]))."' where id=$a");
		
		echo"<meta http-equiv='refresh' content='0;url=?act=user&mod=view'>";}}
	}
	
	
break;

	
	

	
		case "view":
	
	$sql = mysql_query("select * from shop_user");
	if (mysql_num_rows($sql)<=0){
		echo"<center>Chưa có thành viên nào</center><br>";}
		else{?>


			<article class="module width_full">
			<header><h3>Quản lý User</h3></header>
	
		<div class="tab_container">
			<div id="tab1" class="tab_content">
			<table class="tablesorter" cellspacing="0"> 
			<thead> 
				<tr> 
    				<th>ID</th> 
    				<th>Tên đăng nhập</th> 
    				<th>Sửa</th> 
    				<th>Xóa</th>
				</tr> 
			</thead> 
			<tbody> 


  <? while ($r=mysql_fetch_array($sql)) {?>
				<tr> 
   					<td><? echo $r["id"]; ?></td> 
    				<td><a href="?act=user&mod=edit&id=<? echo $r["id"];?>"><?=$r["user"]; ?></a></td> 
    				<td><a href="?act=user&mod=edit&id=<?=$r["id"];?>">Sửa</a></td> 
    				<td><a onClick="return  confirm('Bạn có muốn xóa thành viên này ko?');" href='?act=user&mod=delete&id=<?=$r["id"];?>'>Xóa</a></td> 
				</tr> 
    
    <? }?>
    <tr>
      <td><a href="?act=user&mod=add";">Thêm thành viên mới</a></td>
    </tr>

			</tbody> 
			</table></div></div>
		</article><!-- end of styles article -->
			<? }
			
			
			break; 
	
		
		} 
	
?>
  
  
  
  
  
  
